Methods and arrangements for providing a mark-up language based graphical user interface for user identification to an operating system

ABSTRACT

Methods and arrangements are provided that can be used to identify users to an operating system during initialization through an advanced graphical user interface (GUI). The resulting GUI can be visually compelling and functional while advantageously remaining easy for the developer to create, maintain and modify. A markup language rendering engine is loaded substantially near the beginning of an operating system initialization procedure, and provided with markup language code that solicits at least one user input associated with a user logon process when rendered by the markup language rendering engine. The markup language code can be written in Hypertext Markup Language (HTML), Dynamic HTML, eXtensible Markup Language (XML), eXtensible Hypertext Markup Language (XHTML), Standard Generalized Markup Language (SGML), etc.

RELATED APPLICATION

This application is a continuation of and priority is claimed toco-pending United States Patent Application having Ser. No. 09/539,231and a filing date of Mar. 30, 2000 for “Methods And Arrangements ForProviding A Mark-Up Language Based Graphical User Interface For UserIdentification To An Operating System” of Sierra et al., which claimspriority from U.S. Provisional Application Ser. No. 60/170,955, filedDec. 15, 1999 (Applicant's Docket Number 149399.1, entitled “Web-BasedUser Interface For User Identification To The Operating System”, expressmailing label number EL425348720US). This co-pending non-provisionalUnited States Patent Application is commonly assigned herewith and ishereby incorporated herein by reference for all that it discloses.

BACKGROUND

Computer systems are often protected by a logon program and/or othersubsequent authentication programs that determine whether a user haspermission to access certain computer system resources. By way ofexample, a networked computer may require that a user input a valid username and password before the user is allowed to access networkresources. Similarly, a Web site on the World Wide Web (WWW) portion ofthe Internet or on an intranet may require a valid user ID and passwordbefore the user is allowed to gain further access to various resources.

Controlling user access is not limited to networked computers. A singlecomputer that is accessed by several users may also need to limit accessto files and/or various programs therein. Thus, for example, in a homeenvironment, a parent may decide to limit a child's access to thecomputer entirely, certain programs and/or certain data. Similarly, in abusiness environment, certain users may have limited access.

Controlling access to computers as described above is well known.Typically, there is an initial logon program or the like that requestsuser input, receives the user input and determines if the user isallowed access. Once the user has been authenticated, then otherprograms are allowed to operate. For example, in a networked operatingsystem environment, during the booting-up of a personal computer (PC) orlike device connected to the network, the user is typically presentedwith a modal dialog requesting a user name and associated password. Inthis example, the modal dialog is displayed by the network's logonprogram. For a single PC, a logon program associated with the operatingsystem may display a similar modal dialog.

In either case, the modal dialog tends to be tightly integrated withinthe logon program code of the network software and/or operating systemsoftware. As a result, it is often difficult and expensive tosignificantly alter the modal dialog or otherwise to introduce newfunctional and nonfunctional features, such as those typicallyassociated with conventional graphical user interfaces (GUIs).

Thus, there is need for improved methods and arrangements that provideenriched techniques for identifying users to an operating system.Preferably, the methods and arrangements will allow for a more advancedGUI to be presented to the user, while also remaining easy for thedeveloper to maintain and modify.

SUMMARY

The present invention includes various methods and arrangements that canbe implemented to identify users to an operating system through anadvanced graphical user interface (GUI). The resulting GUI can bevisually compelling and functional while advantageously remaining easyfor the developer to create, maintain and modify.

Thus, for example, the above stated needs and others are met by a methodthat includes arranging for a markup language rendering engine to beloaded substantially near the beginning of an operating systeminitialization procedure, and providing markup language code suitablefor use with the markup language rendering engine. The markup languageis capable of soliciting at least one user input associated with a userlogon process when rendered by the markup language rendering engine.

With the above example in mind, in accordance with certainimplementations, a logon screen, for example, can be rendered from codewritten in Dynamic HTML (Hypertext Markup Language), eXtensible MarkupLanguage (XML), eXtensible Hypertext Markup Language (XHTML), StandardGeneralized Markup Language (SGML), or the like.

For the logon screen to be most effective upon initializing thecomputer, there will usually be a need to render the associated markuplanguage file(s) early during the initialization stage. Accordingly, incertain implementations, the markup language rendering engine is loadedvery near the beginning of the initialization of the operating system.

BRIEF DESCRIPTION OF THE DRAWINGS

A more complete understanding of the various methods and arrangements ofthe present invention may be had by reference to the following detaileddescription when taken in conjunction with the accompanying drawingswherein:

FIG. 1 is a block diagram depicting an exemplary computer system.

FIG. 2 depicts an exemplary mark-up language based graphical userinterface suitable for use in the computer system of FIG. 1 inidentifying users to the operating system.

FIG. 3 is a flowchart depicting an exemplary process for identifyingusers to the operating system using a mark-up language based graphicaluser interface.

DETAILED DESCRIPTION

As shown in FIG. 1, computer 20 includes one or more processors orprocessing units 21, a system memory 22, and a bus 23 that couplesvarious system components including the system memory 22 to processors21. Bus 23 represents one or more of any of several types of busstructures, including a memory bus or memory controller, a peripheralbus, an accelerated graphics port, and a processor or local bus usingany of a variety of bus architectures.

The system memory includes read only memory (ROM) 24 and random accessmemory (RAM) 25. A basic input/output system (BIOS) 26, containing thebasic routines that help to transfer information between elements withincomputer 20, such as during start-up, is stored in ROM 24.

Computer 20 further includes a hard disk drive 27 for reading from andwriting to a hard disk, not shown, a magnetic disk drive 28 for readingfrom and writing to a removable magnetic disk 29, and an optical diskdrive 30 for reading from or writing to a removable optical disk 31 suchas a CD ROM, DVD ROM or other optical media. The hard disk drive 27,magnetic disk drive 28 and optical disk drive 30 are each connected tobus 23 by applicable interfaces 32, 33 and 34, respectively.

The drives and their associated computer-readable media providenonvolatile storage of computer readable instructions, data structures,program modules and other data for computer 20. Although the exemplaryenvironment described herein employs a hard disk, a removable magneticdisk 29 and a removable optical disk 31, it should be appreciated bythose skilled in the art that other types of computer readable mediawhich can store data that is accessible by a computer, such as magneticcassettes, flash memory cards, digital video disks, random accessmemories (RAMs) read only memories (ROM), and the like, may also be usedin the exemplary operating environment.

A number of program modules may be stored on the hard disk, magneticdisk 29, optical disk 31, ROM 24, or RAM 25, including an operatingsystem 35, one or more application programs 36, other program modules37, and program data 38. A user may enter commands and information intocomputer 20 through input devices such as keyboard 40 and pointingdevice 42. Other input devices (not shown) may include a microphone,joystick, game pad, satellite dish, scanner, or the like. These andother input devices are connected to the processing unit 21 through aninterface 46 that is coupled to bus 23.

A monitor 47 or other type of display device is also connected to bus 23via an interface, such as a video adapter 48. In addition to themonitor, personal computers typically include other peripheral outputdevices (not shown) such as speakers and printers.

Computer 20 can operate in a networked environment using logicalconnections to one or more remote computers, such as a remote computer50. Remote computer 50 may be another personal computer, a server, arouter, a network PC, a peer device or other common network node, andtypically includes many or all of the elements described above relativeto computer 20. The logical connections depicted in FIG. 2 include alocal area network (LAN) 51 and a wide area network (WAN) 52. Suchnetworking environments are commonplace in offices, enterprise-widecomputer networks, intranets, and the Internet.

When used in a LAN networking environment, computer 20 is connected tothe local network 51 through a network interface or adapter 156. Whenused in a WAN networking environment, computer 20 typically includes amodem 54 or other means for establishing communications over the widearea network 52, such as the Internet. Modem 54, which may be internalor external, is connected to bus 23 via interface 46. In a networkedenvironment, program modules depicted relative to the personal computer20, or portions thereof, may be stored in the remote memory storagedevice. It will be appreciated that the network connections shown areexemplary and other means of establishing a communications link betweenthe computers may be used.

Reference is now made to FIG. 2, which depicts an exemplary mark-uplanguage based graphical user interface (GUI) display suitable for usein identifying users to the operating system of computer 20. Here, alogon screen 100 is shown as having a first title area 102 thatidentifies logon screen 100. Logon screen 100 may take up be a fullscreen of display 47 or a portion thereof. As shown, first title area102 can include any graphical feature (e.g., bitmap, photo, video, text,etc).

Logon screen 100 also includes a single/multiple user logon area 104wherein the user is presented with selectable user identifiers andrelated information and permitted to input certain data. In thisexample, logon area 104 is configured for five different users, namely,Billy, Christopher, Pat, Suzie, and William; each being identified by atext identifier 110 and graphical identifier 112. Thus, William maybegin logging on to the operating system by selecting either textidentifier 110, graphical identifier 112. If William has an establishedpassword, then a password input field 114 is displayed and configured toreceive his input (i.e., password). Once William's password has beenauthenticated then William is logged on. If William does not have anestablished password, then he would be logged on after selecting textidentifier 110 or graphical identifier 112.

Logon screen 100 can also be configured to display other user relatedinformation 116 to a user. In this example, user related information 116identifies that Suzie has ten (10) new messages.

A second title area 106 is shown in this example along the left handborder of logon screen 100. Here, second title area 106 identifies thecomputer as the “Den Computer”. A selectable shut down mechanism 108 isalso provided to allow a user to shut down the computer.

With the above example in mind, in accordance with certainimplementations, logon screen 100 is a mark-up language based GUI. Forexample, a Dynamic HTML (Hypertext Markup Language) can be used tocreate logon screen 100. Dynamic HTML provides a mechanism to include awide variety of functional as well as non-functional features to logonscreen 100. Other types of mark-up languages and the like may also beused to define logon screen 100. For example, eXtensible Markup Language(XML), eXtensible Hypertext Markup Language (XHTML) or StandardGeneralized Markup Language (SGML) may be used.

For logon screen 100 to be effective upon initializing computer 20,there is a need to render the associated markup language file(s) earlyduring the initialization stage. Accordingly, a markup languagerendering engine (i.e., program) is loaded very near the beginning ofthe initialization of the operating system. Such rendering engines arewell known. An exemplary markup language rendering engine is providedwithin Microsoft Internet Explorer (IE).

Dynamic HTML allows developers to create very attractive and colorfuluser interfaces. Thus, logon screen 100 may incorporate graphics andanimations easily, while scripting complex behaviors, such as definingwhat happens when a user clicks on their name. The logon screen can bemulti-layered and scaled to work with different resolutions.Additionally, complex graphical visual effects, such as, e.g., alphablending, can be employed to create fades and transparencies that wouldbe very difficult to implement in a traditional modal dialog interface.

By using a markup language and preloading the markup language renderingengine in the logon context, developers can advantageously prototype andgenerate dynamic user interfaces quickly and at a lower cost than wouldbe required to significantly modify a conventional modal dialog. Thus,conceivably, each computer may have its own custom logon screen.

Having the ability to rapidly create and prototype logon screen designswill also make it easy for users to agree on what they like. Forexample, by changing the Cascading Style Sheets (CSS) and Dynamic HTMLtemplates, developers can quickly change the logon screen withoutaffecting the logon program code

Reference is now made to FIG. 3, which is a flowchart depicting anexemplary process 200 for identifying users to the operating systemusing a mark-up language based GUI.

In step 202, the logon program is initiated. This would occur uponrebooting computer 20, for example. Next, in step 204, a separateprocess, having a markup language rendering engine, is spawned to hostthe markup language content.

In step 206, the separate process retrieves user data from the operatingsystem or elsewhere. The user data can include a listing of users,associated text identifiers 110, graphical identifiers 112, a passwordenabled identifier, and possibly, a password hint data (if enabled).Next, in step 208, the markup language rendering engine displays logonscreen 100 along with applicable portions of the user data.

In step 210 the markup language rendering engine collects user inputs.This can include user mouse clicks, user typed text, audio commands,and/or other acceptable forms of user input. In the example of FIG. 2,William would select text identifier 110 or graphical identifier 112.Assuming that William has established a password (i.e., password isenabled), then he would need to enter his password.

Next, in step 212, the user inputs (e.g., user name and password) areprovided to the logon program. In step 214, the logon program attemptsto authenticate the user. If the user is authenticated, then a userdesktop and/or workspace is created and subsequently displayed ondisplay 47. If the user is not authenticated in step 214, then process200 would return to either step 208, step 210, or otherwise handle thefailed attempted logon.

Process 200 can be implemented, for example, within a Microsoft Windowsoperating system environment using Dynamic HTML and availableinterfaces. Thus, a logon process, known as WinLogon, spawns a separateprocess to host the Dynamic HTML content. When WinLogon launches theseparate process, it provides a mechanism to communicate with WinLogonso that the HTML interface can ask WinLogon to authenticate the user andstart their desktop session. The Dynamic HTML code then makes calls toan ActiveX control or like applet that communicates with the operatingsystem to determine the list of users, the picture to associate with theuser, a password hint if one was configured by the user and whether theuser has a password configured. The user then selects their picture orname, for example, and types in their password (if needed), after whichthe HTML code calls the ActiveX control with the user name and password.The ActiveX control then passes this information back to WinLogon wherethe authentication takes place. If the user is authenticated, thenWinLogon creates the user's desktop and switches to it. At this point,the Dynamic HTML process is finished. Thereafter, the rendering enginemay remain loaded or may be terminated.

Although some preferred embodiments of the various methods andarrangements of the present invention have been illustrated in theaccompanying Drawings and described in the foregoing DetailedDescription, it will be understood that the invention is not limited tothe exemplary embodiments disclosed, but is capable of numerousrearrangements, modifications and substitutions without departing fromthe spirit of the invention as set forth and defined by the followingclaims.

1. One or more computer-readable media having computer-executableinstructions for causing one or more processors to perform actscomprising: arranging for a markup language rendering engine to beloaded during an operating system's initialization procedure, theinitialization procedure having a user logon process configured toselectively allow a user to logon to the operating system; and providingmarkup language code suitable for use with the markup language renderingengine, the markup language code capable of soliciting at least one userinput when rendered by the markup language rendering engine, the userinput being associated with the user logon process and enabling the userlogon process to selectively allow the user to logon to the operatingsystem.
 2. The media as recited in claim 1, wherein providing the markuplanguage code further includes providing user data, the user data beingoperatively associated with the user logon process.
 3. The media asrecited in claim 2, further comprising: configuring the markup languagerendering engine to display at least a portion of the user data based onthe markup language code.
 4. One or more computer-readable media havingcomputer-executable instructions for causing one or more processors toperform acts comprising: presenting, during a computer's operatingsystem's initialization procedure and prior to allowing a user to logonto the computer, a markup language based graphical user interface havinga logon screen, the logon screen having a user logon area withselectable user identifiers; receiving selection of one of theselectable user identifiers to provide a selected user identifier; andindicating, responsive to the selection, data receivable from a userassociated with the selected user identifier that is capable ofpermitting authentication of the user effective to allow the user tologon to the computer.
 5. The media as recited in claim 4, wherein theuser identifiers comprise text identifiers.
 6. The media as recited inclaim 5, wherein the user identifiers comprise graphical identifiers. 7.The media as recited in claim 6, wherein one of the graphic identifiersis animated.
 8. The media as recited in claim 4, wherein the act ofindicating prompts the user associated with the selected user identifierto input the data.
 9. The media as recited in claim 8, wherein the datais a password.
 10. The media as recited in claim 4, wherein the act ofindicating presents a password input field.
 11. The media as recited inclaim 4, wherein the logon screen comprises a single selectable shutdown mechanism configured to shut the computer down when selected by theuser through the graphical user interface.
 12. The media as recited inclaim 4, wherein the logon screen comprises user-related informationindicating that a user associated with one of the selectable useridentifiers has a message.
 13. The media as recited in claim 12, whereinthe message is an email message.
 14. The media as recited in claim 12,wherein the user-related information indicates a number of messages. 15.The media as recited in claim 4, wherein the logon screen has a titlearea having a title that identifies the computer.
 16. A methodcomprising: presenting, while a computer is booting and prior to a userbeing allowed to logon to the computer, a markup language basedgraphical user interface having a logon screen, the logon screen havinga user logon area capable of soliciting at least one user input;receiving a user input through the user logon area; and logging the userassociated with the user input on the computer.
 17. The method asrecited in claim 16, further comprising, prior to the act of presenting,receiving instructions to load a markup language rendering engine andmarkup language code suitable for use with the markup language renderingengine, the markup language code capable of soliciting the at least oneuser input when rendered by the markup language rendering engine. 18.The method as recited in claim 16, wherein the logon area comprises anidentifier identifying the user and the act of receiving receivesselection of the identifier.
 19. The method as recited in claim 16,wherein the user input comprises a password and further comprisingauthenticating the user with the password prior to logging the user onthe computer.
 20. The method as recited in claim 16, wherein the markuplanguage based graphical user interface comprises user-relatedinformation indicating that the user has a new email message.